Class: Rex::Proto::Kerberos::Model::Ticket

Inherits:

Element

• Object
• Element
• Rex::Proto::Kerberos::Model::Ticket

Defined in:

lib/rex/proto/kerberos/model/ticket.rb

Overview

This class provides a representation of a Kerberos ticket that helps a client authenticate to a service.

Constant Summary

Constants included from Rex::Proto::Kerberos::Model

AD_IF_RELEVANT, AP_REQ, AS_REP, AS_REQ, AUTHENTICATOR, ERROR_CODES, KDC_OPTION_ALLOW_POST_DATE, KDC_OPTION_ENC_TKT_IN_SKEY, KDC_OPTION_FORWARDABLE, KDC_OPTION_FORWARDED, KDC_OPTION_POST_DATED, KDC_OPTION_PROXIABLE, KDC_OPTION_PROXY, KDC_OPTION_RENEW, KDC_OPTION_RENEWABLE, KDC_OPTION_RENEWABLE_OK, KDC_OPTION_RESERVED, KDC_OPTION_UNUSED_10, KDC_OPTION_UNUSED_11, KDC_OPTION_UNUSED_7, KDC_OPTION_UNUSED_9, KDC_OPTION_VALIDATE, KRB_ERROR, NT_PRINCIPAL, NT_SRV_HST, NT_SRV_INST, NT_SRV_XHST, NT_UID, NT_UNKNOWN, PA_ENC_TIMESTAMP, PA_PAC_REQUEST, PA_PW_SALT, PA_TGS_REQ, TGS_REP, TGS_REQ, TICKET, VERSION

Constants included from Crypto

Crypto::ENC_AS_RESPONSE, Crypto::ENC_KDC_REQUEST_BODY, Crypto::ENC_TGS_RESPONSE, Crypto::RC4_HMAC, Crypto::RSA_MD5

Instance Attribute Summary

• #enc_part ⇒ Rex::Proto::Kerberos::Model::EncryptedData

  The encrypted part of the ticket.

• #realm ⇒ String

  The realm that issued the ticket.

• #sname ⇒ Rex::Proto::Kerberos::Model::PrincipalName

  The name part of the server’s identity.

• #tkt_vno ⇒ Fixnum

  The ticket version number.

Instance Method Summary

• #decode(input) ⇒ self

  Decodes the Rex::Proto::Kerberos::Model::KrbError from an input.

• #encode ⇒ Object

Methods inherited from Element

attr_accessor, attributes, #attributes, decode, #initialize

Methods included from Crypto::RsaMd5

#checksum_rsa_md5

Methods included from Crypto::Rc4Hmac

#decrypt_rc4_hmac, #encrypt_rc4_hmac

Constructor Details

This class inherits a constructor from Rex::Proto::Kerberos::Model::Element

Instance Attribute Details

#enc_part ⇒ Rex::Proto::Kerberos::Model::EncryptedData

Returns The encrypted part of the ticket.

Returns:

• (Rex::Proto::Kerberos::Model::EncryptedData) —

  The encrypted part of the ticket

# File 'lib/rex/proto/kerberos/model/ticket.rb', line 21

def enc_part
  @enc_part
end

#realm ⇒ String

Returns The realm that issued the ticket.

Returns:

• (String) —

  The realm that issued the ticket

# File 'lib/rex/proto/kerberos/model/ticket.rb', line 15

def realm
  @realm
end

#sname ⇒ Rex::Proto::Kerberos::Model::PrincipalName

Returns The name part of the server’s identity.

Returns:

• (Rex::Proto::Kerberos::Model::PrincipalName) —

  The name part of the server's identity

# File 'lib/rex/proto/kerberos/model/ticket.rb', line 18

def sname
  @sname
end

#tkt_vno ⇒ Fixnum

Returns The ticket version number.

Returns:

• (Fixnum) —

  The ticket version number

# File 'lib/rex/proto/kerberos/model/ticket.rb', line 12

def tkt_vno
  @tkt_vno
end

Instance Method Details

#decode(input) ⇒ self

Decodes the Rex::Proto::Kerberos::Model::KrbError from an input

Parameters:

• input (String, OpenSSL::ASN1::ASN1Data) —

  the input to decode from

Returns:

• (self) —

  if decoding succeeds

Raises:

• (RuntimeError) —

  if decoding doesn't succeed

# File 'lib/rex/proto/kerberos/model/ticket.rb', line 28

def decode(input)
  case input
  when String
    decode_string(input)
  when OpenSSL::ASN1::ASN1Data
    decode_asn1(input)
  else
    raise ::RuntimeError, 'Failed to decode Ticket, invalid input'
  end

  self
end

#encode ⇒ Object

# File 'lib/rex/proto/kerberos/model/ticket.rb', line 41

def encode
  elems = []
  elems << OpenSSL::ASN1::ASN1Data.new([encode_tkt_vno], 0, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_realm], 1, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_sname], 2, :CONTEXT_SPECIFIC)
  elems << OpenSSL::ASN1::ASN1Data.new([encode_enc_part], 3, :CONTEXT_SPECIFIC)
  seq = OpenSSL::ASN1::Sequence.new(elems)

  seq_asn1 = OpenSSL::ASN1::ASN1Data.new([seq], TICKET, :APPLICATION)

  seq_asn1.to_der
end